package com.yanyeori.framework.security.config;

import com.yanyeori.framework.core.constant.BaseWebCodeEnum;
import com.yanyeori.framework.core.model.WebResponse;
import com.yanyeori.framework.core.util.ServletUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 权限不足处理类，返回403
 *
 * @author chenkuan 2020/11/20
 */
@Slf4j
public class SecurityAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
        //登陆状态下，权限不足执行该方法
        log.info(BaseWebCodeEnum.FORBIDDEN.msg());
        ServletUtil.writeToResponse(response, BaseWebCodeEnum.FORBIDDEN.code(), WebResponse.fail(BaseWebCodeEnum.FORBIDDEN.code(), BaseWebCodeEnum.FORBIDDEN.msg()));
    }
}
